Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa
File:                     tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa (raw, json)
Hash identifier:          O2Egdy7r6hJwfDl74yT5n61hRqfhKc3OzxACws6oDHA=
Subject key identifier:   B7:22:40:9A:40:08:0D:78:16:22:93:E3:19:75:55:FC:F1:24:50:5B
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189E3FA4A417C9D114194A1346EF79D9B48
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa
Signing time:             Fri 11 Aug 2023 09:42:58 +0000
ROA not before:           Fri 11 Aug 2023 09:42:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     147291
IP address blocks:        89.213.135.0/24 maxlen: 24
                          89.213.138.0/24 maxlen: 24
                          89.213.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 22 Aug 2023 08:05:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e3:fa:4a:41:7c:9d:11:41:94:a1:34:6e:f7:9d:9b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 11 09:42:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b722409a40080d78162293e3197555fcf124505b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e4:99:34:b6:af:9f:06:ad:1f:5f:9b:51:a4:
                    f7:33:25:ef:92:21:32:87:5c:61:33:5a:7b:35:27:
                    40:71:14:5c:ab:f0:72:18:96:73:de:9c:9e:06:1b:
                    c6:b3:6a:d6:fd:68:eb:ff:5b:66:b5:dd:4e:7a:3c:
                    d4:51:6b:fd:de:24:ba:76:5d:d7:ab:c1:ef:49:7c:
                    e0:e6:c0:0c:8a:61:21:c7:2c:11:38:ed:dc:73:2d:
                    bb:20:e6:4b:ed:90:ba:61:d3:5e:f1:39:de:77:c7:
                    84:32:cc:37:7b:44:58:fa:ac:4a:42:26:c0:6c:30:
                    c7:a6:7b:76:a4:56:5c:e0:dd:74:0a:55:03:9b:f5:
                    42:d7:c6:ac:58:c0:e0:b4:cc:4d:14:7a:a4:38:d8:
                    ca:3d:1b:93:ca:49:63:73:7d:e7:4a:a5:3a:5c:07:
                    0d:6a:12:4e:ae:01:bf:e4:5f:e1:b8:8b:58:41:51:
                    7e:5c:cb:ae:59:dd:66:86:0a:26:9b:0a:a8:e1:7b:
                    fb:99:88:8d:93:6b:85:57:e2:33:8e:1a:63:85:77:
                    8b:98:29:c3:ba:92:0b:f1:a7:15:0f:b4:e6:e4:6b:
                    5a:30:8f:8e:e8:eb:a3:54:b2:32:3a:32:55:70:00:
                    a2:18:60:90:88:1a:3b:79:f8:c1:d3:b5:ce:23:b8:
                    36:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:22:40:9A:40:08:0D:78:16:22:93:E3:19:75:55:FC:F1:24:50:5B
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.135.0/24
                  89.213.137.0-89.213.138.255

    Signature Algorithm: sha256WithRSAEncryption
         13:d0:2c:e9:32:28:fa:7a:05:4d:e3:18:cb:39:3d:a7:ac:7d:
         65:2d:6e:1b:40:68:3e:e4:21:dd:b0:5d:32:50:44:32:b8:88:
         7e:3f:4d:f4:a8:0a:70:1e:80:a9:14:62:09:48:61:3e:94:f2:
         42:57:1d:67:cd:4c:72:de:51:26:40:24:d3:64:4a:85:b7:bb:
         37:60:19:c9:70:c9:6c:5e:fe:db:85:18:c6:de:6d:a4:e6:bb:
         b7:88:fb:6f:bc:8a:cd:ba:82:f1:f2:1d:96:ee:9a:13:2d:ae:
         49:8a:68:90:05:7d:e6:fe:94:25:13:6b:07:2e:8d:73:39:a7:
         5c:02:85:14:92:f8:01:78:00:11:10:27:17:7c:da:00:d0:09:
         bf:8c:2f:db:70:d0:52:f4:82:00:de:c4:2a:9a:df:0e:5c:32:
         f7:a8:e6:cb:02:f2:ab:5a:0f:40:90:4e:19:0c:83:ca:10:87:
         ca:c7:a3:b0:70:39:32:80:bb:16:53:24:c5:67:0f:c1:cf:42:
         ed:67:35:11:41:ad:e1:fb:f3:12:f6:5e:61:ed:6a:df:29:4f:
         cc:52:8b:5e:6f:7b:fd:d3:89:84:37:be:85:66:32:18:34:13:
         e3:87:71:91:cb:2d:4e:3e:d2:92:b9:1b:ab:3a:6b:55:74:81:
         33:9a:6e:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYnj+kpBfJ0RQZShNG73nZtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODExMDk0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIyNDA5YTQwMDgwZDc4MTYyMjkzZTMxOTc1NTVmY2YxMjQ1MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OSZNLavnwatH1+bUaT3MyXvkiEy
h1xhM1p7NSdAcRRcq/ByGJZz3pyeBhvGs2rW/Wjr/1tmtd1OejzUUWv93iS6dl3X
q8HvSXzg5sAMimEhxywROO3ccy27IOZL7ZC6YdNe8Tned8eEMsw3e0RY+qxKQibA
bDDHpnt2pFZc4N10ClUDm/VC18asWMDgtMxNFHqkONjKPRuTykljc33nSqU6XAcN
ahJOrgG/5F/huItYQVF+XMuuWd1mhgommwqo4Xv7mYiNk2uFV+IzjhpjhXeLmCnD
upIL8acVD7Tm5GtaMI+O6OujVLIyOjJVcACiGGCQiBo7efjB07XOI7g2GwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLciQJpACA14FiKT4xl1VfzxJFBbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdHlKQW1rQUlEWGdXSXBQakdYVlZfUEVrVUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWdWHMAwD
BABZ1YkDBABZ1YowDQYJKoZIhvcNAQELBQADggEBABPQLOkyKPp6BU3jGMs5Paes
fWUtbhtAaD7kId2wXTJQRDK4iH4/TfSoCnAegKkUYglIYT6U8kJXHWfNTHLeUSZA
JNNkSoW3uzdgGclwyWxe/tuFGMbebaTmu7eI+2+8is26gvHyHZbumhMtrkmKaJAF
feb+lCUTawcujXM5p1wChRSS+AF4ABEQJxd82gDQCb+ML9tw0FL0ggDexCqa3w5c
Mveo5ssC8qtaD0CQThkMg8oQh8rHo7BwOTKAuxZTJMVnD8HPQu1nNRFBreH78xL2
XmHtat8pT8xSi15ve/3TiYQ3voVmMhg0E+OHcZHLLU4+0pK5G6s6a1V0gTOabrI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org